<?php
/*
 * Session variables:
 * $_SESSION['database'] [string] = database name of the current tutorial centre
 * $_SESSION['type'] [string] = user type of the logged in user
 * $_SESSION['authorised'] [boolean] = whether or not the current user is logged in
 * $_SESSION['tcname'] [string] = the name of the tutorial centre
 * $_SESSION['user'] [string] = the username/ email of the logged in user 
 */
session_start();

if(isset($_POST['submit']) && !empty($_POST['username']) && !empty($_POST['password']) && !empty($_POST['tcentre']))
{
	$_SESSION['database'] = $_POST['tcentre'];
	$dbname = $_SESSION['database'];
	$db_id=substr($dbname,2);
	include('connect.inc');
	
	$sql = "SELECT tutorial_centre FROM databases WHERE database_id=$db_id";
	$result = pg_query($sql);
	$_SESSION['tcname']=pg_fetch_result($result, 0, 'tutorial_centre');
	$username = pg_escape_string($_POST['username']);
	$password = pg_escape_string($_POST['password']);

	pg_connect("host=localhost user=postgres password=password dbname=$dbname") or die(ps_last_error());

	$sql = "SELECT * FROM users WHERE username = '$username' and password = '$password'";
	$result = pg_query($sql);

	$count = pg_num_rows($result);

	if($count==1)
	{
		$_SESSION['authorised'] = true;
		$_SESSION['user'] = $username;
		$_SESSION['type'] = pg_fetch_result($result, 0, 'usertype');
		if($_SESSION['type'] == 'administrator')
		{
			header('Location: admin_index.php');
			exit();
		}
		elseif ($_SESSION['type'] == 'student')
		{
			header('Location: student_index.php');
			exit();
		}
		elseif ($_SESSION['type'] == 'tutor')
		{
			header('Location: tutor_index.php');
			exit();
		}
		elseif ($_SESSION['type'] == 'parent')
		{
			header('Location: parent_index.php');
			exit();
		}
	}
	else
	{
		?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Home</title>
<link href="StyleSheet.css" rel="stylesheet" type="text/css" />
<style>
.nav {
	width: 210px;
	height: auto;
	border: thin solid #09C;
	margin-left: 10px;
	text-align: center;
}

.mainline {
	width: 712px;
	height: auto;
	text-align: center;
}
</style>

</head>
<body bgcolor="#FFFFFF">
	<center>

		<div id="wrapper">
			<div id="header">
				<h1></h1>
			</div>

			<div id="header2">
				<h3></h3>
			</div>

			<div id="nav">
			<?php include('login_navigation.php'); ?>
			</div>

			<div id="mainline">
				<h4>Log in</h4>
			</div>

			<div id="body">
				<p align="left">
					<b>Authentication failed</b><br /> Wrong username and password
					combination
				</p>
			</div>

			<br class="clearfloat" /> <br />
			<div id="footer">
				<p align="center">
					Tutorial Business Manager: info@tbms.com <br />Credits/Engineers:
					Aquino, Chloebelle; Dela Cruz, Roy Erwin; Maliwanag, Ranyel Bryan;
					Manzano, Audrey Ann; Ng, Sheila Regine<br /> <br />copyright 2011
				</p>
			</div>
		</div>
	</center>
</body>
</html>
<?php session_destroy();
	}
}
else
{
	if(isset($_SESSION['authorised']) && $_SESSION['authorised'] == true)
	{
		header('Location: index.php');
		exit();
	}
	header('Location: index.php');
	exit();
}
?>
